An Android malware campaign covering more than 40 applications and affecting as many 36.5 million users has been uncovered on the Google Play Store by researchers from Check Point Software.
The malware, thankfully, doesn't resort to ransomware or stealing bank credentials. Instead, it installs a form of auto-clicking adware to generate large amounts of fraudulent clicks on advertisements in order to raise money for the perpetrators.
According to Check Point, the malware has a reach of anywhere between 8.5 million and 36.5 million users worldwide from 41 different apps offered for sale on the Google Play Store, perpetrated in two distinct campaigns.
The malware, claims Check Point, has been freely available on Google Play for many years, and regularly updated until recently. Google is supposed to thoroughly vet software before it is allowed for sale in order to prevent malware from infecting users.
The malware was embedded in apps developed by a Korean company called Kiniwini, which was registed on Google Play as EniStudio.
"Similar to previous malware that has infiltrated Google Play, such as FalseGuide and Skinner, Judy relies on the communications with its command and control server for its operation," claimed the researchers.
They add that the apps containing the malware have been remove from the Play Store by Google following a warning from Check Point.
"To bypass 'Bouncer', Google Play's [anti-malware] protection, the hackers created a seemingly benign bridgehead app, meant to establish a connection to the victim's device, and insert it into the app store," explains Check Point in its advisory.
Upon clicking the ads, the malware author receives payment from the website developer.
Apps used by the malware creators include Fashion Judy: Snow Queen Style, Fashion Judy: Vampire style, Chef Judy: Character Lunch and Fashion Judy: Frozen Princess - hence, of course, the name given to the malware campaign.
Android has repeatedly been targeted by malware and scammers - and Google itself has come under criticism for not doing more to protect users in its 'walled garden' operating system.
Following the WannaCry global ransomware campaign, Google came in for criticism for refusing to deal with security flaws behind three-quarters of the ransomware on the Android platform.
The company has said that it will deal with the security flaw in the next iteration of Android, due in the autumn, and also said that it won't patch the flaw in any current versions of Android.
Microsoft seizes control of phishing sites linked with Russian state hackers
Fitness trackers over-estimate the number of steps their users take, analysis of 67 research reports suggests
Everything we think we know about the imminent Apple iPhone 9, iPhone 11 and iPhone 11 Plus launches
All the latest rumours about Apple iPhone Displays, CPUs, launch dates and even prices
Nvidia brings Turing microarchitecture into the high-end gaming segment